At work, they blocked personal email. Our IT staff couldn't find a good way to block only Gmail so they blocked ALL Google accounts. I asked my supervisor if all Google sign-ins should be blocked and he confirmed Gmail only, they just didn't do it correctly. I use Google Calendar for work and being unable to sign into it is really hurting me. I've sent a request to our IT dept but they are currently dealing with server upgrades and whatnot. Basically, I'm low on the priority list.
So my question is: Is there any way to sign into Google Chrome browser or individual Google sites without going through "accounts.google.com"? I don't care about Gmail, I'm not trying to go around what they want blocked, I just need to be able to log into Google Accounts so I can let Outlook sync with Google Calendar.
Best Answer
HTTP request headers have a domain field that states the domain the request is for, it's mainly useful for addresses that have multiple domains/sites. It's a required field in HTTP 1.1, so they could somewhat-reliably block according to that.
However, the problem is with SSL/TLS, it would encrypt everything so that the field couldn't be accessed. That could be subverted by blocking encryption for google entirely, although that's a bit extreme. Other methods might be to have everyone use a proxy that blocks requests to gmail, but a good method would be to block DNS requests/replies for
mail.google.com
, which skips encryption entirely, but it still has some caveats. (e.g. people could add the IP addresses formail.google.com
to their hosts file so that their browser resolves the domain properly while still sending the domain field so they access gmail)All in all, I'd recommend you suggest blocking DNS instead of them blocking the IP addresses themselves, they may miss one or two, but it's the majority they'll probably care about.